Within the next few days, it’s likely you’ll be hearing a lot about the heartbleed bug.

It’s a huge security flaw that’s just been discovered and it severely impacts the entire Web.

Millions of passwords, credit card numbers, and other sensitive pieces of information have been exposed in the wake of the threat. Hackers have attacked OpenSSL, a technology that provides encryption for an estimated 66% of servers worldwide.

Tumblr and OkCupid are just a couple of the companies that have been compromised. You can check the status of individual websites here:

Experts say you should wait for a couple of days before changing all of your passwords. Using impacted sites before they’ve had time to secure their data could put you at further risk.

When you do update your passwords, take note of these tips from the LA Times:

Create passwords that contain at least eight characters

Do not use words that appear in the dictionary. Ex: Use “ILuvMyCaat” instead of “ILoveMyCat”

Mix up capitalized and lower-cased letters. Passwords that are case sensitive are harder to crack.

Use numbers and symbols, and replaces letters with these characters. Ex: Instead of “iILuvmyYcAaT,” use “i1LuvmyYcA4T9.”

Make different passwords for every website you frequent.

Keep a close watch on all of your financial statements for the next few weeks. Alert your bank if you notice any unfamiliar charges on your account.

CNET also suggests personally reaching out to small businesses that have access to your data. Large companies will work swiftly to fix the problem, but with smaller companies, you should take action to ensure the safety of your personal data.